Webwasher 6.0.1 Anti-Malware User's Guide - McAfee

More documents

Recommendations

Info

Introduction Chapter 1 Welcome to the User’s Guide Webwasher® Anti-Malware. It provides you with the information needed to configure and use the Anti-Malware product, which is one of the products of the Webwasher Secure Content Management (SCM) Suite. The Webwasher Anti-Malware product enables you to configure in-depth malware detection and blocking at the corporate gateway, thus protecting your network against attacks coming in through Web and e-mail traffic. The Anti-Malware Proactive Scanning technology detects and blocks unknown malicious code, as well as potentially unwanted programs, day-zero attacks and exploits, and neutralizes suspicious script code. Anti-Malware PreScan filtering technology radically improves performance by reducing the load sent to the anti-malware engine for virus scanning. First the Webwasher filters are applied to incoming traffic, only then is potentially malicious content passed on to the anti-malware engine. The anti-malware engine and the gateway server are linked via ICAP. They are not co-resident on the gateway and so offer no single point of failure. 1–1
Page 1 and 2: USER’S GUIDE Webwasher Anti-Malwa
Page 3 and 4: Contents Chapter 1 Introduction ...
Page 5: Contents 4.9 Proactive Scanning Cac
Page 9 and 10: 1.3 Using Webwasher Introduction A
Page 11 and 12: 1.3.2 Configuring a Sample Setting
Page 13 and 14: 1.3.3 General Features of the Web I
Page 15 and 16: Information Update Introduction Som
Page 17 and 18: 1.4 Introduction After modifying th
Page 19 and 20: 1.4.2 Documentation on Special Prod
Page 21: Introduction The following two prod
Page 24 and 25: Home 2.1 Overview 2.2 The following
Page 26 and 27: Home 2-4 System Alerts The System A
Page 28 and 29: Home 2-6 To enable the emergency mo
Page 30 and 31: Home 2-8 Support The Support sectio
Page 32 and 33: Home 2.4.1 Feedback 2-10 The Feedba
Page 34 and 35: Home 2-12 There are three sections
Page 36 and 37: Home 2-14 • Send interval in . .
Page 38 and 39: Home 2.4.3 Malware Feedback Black L
Page 40 and 41: Home 2.5 Manuals 2-18 Use the follo
Page 42 and 43: Home 2-20 To view any of the docume
Page 44 and 45: Home 2-22 Instant Message Filter Do
Page 46 and 47: Home 2.6 Preferences 2.6.1 Preferen
Page 48 and 49: Home 2-26 If you are only intereste
Page 50 and 51: Home 2.7 License 2-28 — Allow rea
Page 52 and 53: Home 2-30 License Information The L
Page 54 and 55: Home 2.7.2 Notification 2-32 The No
Page 56 and 57:
Home 2-34 Using this section, you c
Page 58 and 59:
Common 3.1 Overview 3.2 The followi
Page 60 and 61:
Common 3-4 Media Type Filter The Me
Page 62 and 63:
Common 3-6 Furthermore, you need to
Page 64 and 65:
Common 3-8 Media Type Black List Th
Page 66 and 67:
Common 3.2.3 Media Type White List
Page 68 and 69:
Common 3-12 This addition will be v
Page 70 and 71:
Common 3.3.1 Document Inspector 3-1
Page 72 and 73:
Common 3-16 Document Upload Filter
Page 74 and 75:
Common 3-18 Use the following check
Page 76 and 77:
Common To do this, select a policy
Page 78 and 79:
Common Using this section, you can
Page 80 and 81:
Common 3-24 Header Filter List The
Page 82 and 83:
Common 3.6.1 Generic Body Filter 3-
Page 84 and 85:
Common So, to block, e. g. all HTML
Page 86 and 87:
Common 3-30 They are described in t
Page 88 and 89:
Common 3-32 A text link is the grou
Page 90 and 91:
Common 3-34 Script Filter The Scrip
Page 92 and 93:
Common 3-36 Advertising Filter Sett
Page 94 and 95:
Common 3-38 Link Filter List The Li
Page 96 and 97:
Common 3.7.3 Dimension Filter List
Page 98 and 99:
Common 3-42 — Add to Dimension Fi
Page 100 and 101:
Common 3.8.1 Settings 3-44 The Sett
Page 102 and 103:
Common 3-46 It leaves the referer u
Page 104 and 105:
Common 3-48 Make sure this radio bu
Page 106 and 107:
Common 3-50 Cookie Filter List The
Page 108 and 109:
Common 3.9.1 Settings 3-52 To do th
Page 110 and 111:
Common 3.9.2 Categorization List 3-
Page 112 and 113:
Common 3-56 To add a text categoriz
Page 114 and 115:
Common 3.10.1 White List 3-58 The o
Page 116 and 117:
Common 3-60 To add an object to the
Page 118 and 119:
Common 3.11 User Defined Categories
Page 120 and 121:
Common • Category 1 to Category n
Page 122 and 123:
Common 3-66 Media Type Catalog The
Page 124 and 125:
Common 3-68 -Magicbytesareambiguous
Page 127 and 128:
Content Security Chapter 4 The feat
Page 129 and 130:
Content Security To do this, select
Page 131 and 132:
AV PreScan The AV PreScan section l
Page 133 and 134:
Content Security Note that enabling
Page 135 and 136:
Behavioral Heuristics The Behaviora
Page 137 and 138:
Behavioral Heuristics for Potential
Page 139 and 140:
Proactive Scanning Setup The Proact
Page 141 and 142:
Content Security At this level, the
Page 143 and 144:
4.3.4 ActiveX Controls The ActiveX
Page 145 and 146:
— Write access to local files Thi
Page 147 and 148:
4.3.6 Windows Executables The Windo
Page 149 and 150:
Page 151 and 152:
Malware Naming The Malware Naming s
Page 153 and 154:
Built-in Whitelist The Built-in Whi
Page 155 and 156:
General Error Handling The General
Page 157 and 158:
Special Windows Executable Types Co
Page 159 and 160:
Content Security At the top of this
Page 161 and 162:
4.3.10 Dynamic Link Libraries The D
Page 163 and 164:
Page 165 and 166:
4.3.12 Java Applets The Java Applet
Page 167 and 168:
Page 169 and 170:
4.3.13 Java Applications The Java A
Page 171 and 172:
Page 173 and 174:
Content Security Note that the sett
Page 175 and 176:
HTML Analysis Options Window Conten
Page 177 and 178:
Content Security You can also confi
Page 179 and 180:
4.3.15 VBScript The VBScript tab lo
Page 181 and 182:
— Usage of vulnerable functionali
Page 183 and 184:
For a description of this window, s
Page 185 and 186:
4.3.17 Potentially Unwanted Program
Page 187 and 188:
Content Security Using this section
Page 189 and 190:
Content Security If you want to use
Page 191 and 192:
4.4.1 General Settings The General
Page 193 and 194:
Content Security For signed content
Page 195 and 196:
The checkbox is marked by default.
Page 197 and 198:
Content Security Use the drop-down
Page 199 and 200:
Use the following items to perform
Page 201 and 202:
Content Security A message will the
Page 203 and 204:
4.5.1 Actions The Actions tablooksl
Page 205 and 206:
ActiveX Controls The ActiveX Contro
Page 207 and 208:
ActiveX ClassID List The ActiveX Cl
Page 209 and 210:
4.6 Embedded Scripts Content Securi
Page 211 and 212:
Content Security If you want to use
Page 213 and 214:
4.7.1 Global Software Vendor List T
Page 215 and 216:
4.8 Use the following item to perfo
Page 217 and 218:
Content Security This section provi
Page 219 and 220:
4.9.1 Proactive Scanning Cache The
show all

Webwasher 6.0.1 Anti-Malware User's Guide - McAfee

Create successful ePaper yourself

Delete template?

Save as template?